PSP WOULD LIKE TO THANK THE FOLLOWING SPONSORS OF … · RA21 Myths – Demystified 22 1) IP...
Transcript of PSP WOULD LIKE TO THANK THE FOLLOWING SPONSORS OF … · RA21 Myths – Demystified 22 1) IP...
![Page 1: PSP WOULD LIKE TO THANK THE FOLLOWING SPONSORS OF … · RA21 Myths – Demystified 22 1) IP authentication is inherently privacy persevering while federated authentication technologies](https://reader035.fdocuments.in/reader035/viewer/2022063018/5fdbd1b09aedb5165077075a/html5/thumbnails/1.jpg)
PSP WOULD LIKE TO THANK THE FOLLOWING SPONSORS OF THE PSP 2018 ANNUAL CONFERENCE
PLATINUM SPONSOR
ADDITIONAL SPONSORS
![Page 2: PSP WOULD LIKE TO THANK THE FOLLOWING SPONSORS OF … · RA21 Myths – Demystified 22 1) IP authentication is inherently privacy persevering while federated authentication technologies](https://reader035.fdocuments.in/reader035/viewer/2022063018/5fdbd1b09aedb5165077075a/html5/thumbnails/2.jpg)
BONUS SESSION:RA21: IMPROVING ACCESS TO SCHOLARLY RESOURCES, FROM ANYWHERE, ON ANY DEVICE
SPEAKERS: ANN GABRIEL, VICE PRESIDENT, ACADEMIC & RESEARCH RELATIONS, ELSEVIER
CHAIR OF RA21 OUTREACH COMMITTEERALPH YOUNGEN, DIRECTOR OF PUBLISHING SYSTEMS INTEGRATION, ACS
CO-CHAIR OF RA21
February 9, 2018
![Page 3: PSP WOULD LIKE TO THANK THE FOLLOWING SPONSORS OF … · RA21 Myths – Demystified 22 1) IP authentication is inherently privacy persevering while federated authentication technologies](https://reader035.fdocuments.in/reader035/viewer/2022063018/5fdbd1b09aedb5165077075a/html5/thumbnails/3.jpg)
What is RA21?
• RA21: Resource Access for the 21st Century
• Joint initiative of the International Association of STM Publishers (STM) and the National Information Standards Organization (NISO)
• Aimed at optimizing access protocols across key stakeholder groups
• Corporate and university subscribers, libraries, software vendors, publishers, identity federation operators, etc.
• Purpose: To a facilitate seamless user experience beyond IP address recognition, supporting network security and user privacy
![Page 4: PSP WOULD LIKE TO THANK THE FOLLOWING SPONSORS OF … · RA21 Myths – Demystified 22 1) IP authentication is inherently privacy persevering while federated authentication technologies](https://reader035.fdocuments.in/reader035/viewer/2022063018/5fdbd1b09aedb5165077075a/html5/thumbnails/4.jpg)
Why RA21?
Simple access to content needs to be fixed, especially for off campus use:
• Scholarly content & services are increasingly being accessed from outside of corporate/campus networks
• Publisher pathways for providing off-network access has not kept pace with our experience as consumers (e.g. Google, Facebook, LinkedIn logins across multiple sites).
• When accessing publisher platforms off-network, fully entitled end users are turning to alternative resources (e.g. SciHub, etc.) because of ease of access.
• RA21 has been established as the first step in the journey towards replacing the now outdated IP based access & authentication model.
4
![Page 5: PSP WOULD LIKE TO THANK THE FOLLOWING SPONSORS OF … · RA21 Myths – Demystified 22 1) IP authentication is inherently privacy persevering while federated authentication technologies](https://reader035.fdocuments.in/reader035/viewer/2022063018/5fdbd1b09aedb5165077075a/html5/thumbnails/5.jpg)
RA21 GoalsRecommend new solutions for access strategies beyond IP recognition
in joint collaboration with software vendors, libraries, federation operators
• Test and improve solutions by organizing pilots in a variety of environments for the creation of best practice recommendations:
• Corporate Pilot• Two Academic Pilots:
– Privacy Preserving Persistent WAYF (P3W) Pilot – WAYF Cloud Pilot
• Pilots working together on:
– User experience and a reference UI
– Privacy and security issues
RA21 as a project will not develop a specific technical solution or one industry-wide authentication platform 5
![Page 6: PSP WOULD LIKE TO THANK THE FOLLOWING SPONSORS OF … · RA21 Myths – Demystified 22 1) IP authentication is inherently privacy persevering while federated authentication technologies](https://reader035.fdocuments.in/reader035/viewer/2022063018/5fdbd1b09aedb5165077075a/html5/thumbnails/6.jpg)
Current Situation
Currently off campus access is complex, cumbersome and not secure
• Off-network access to scholarly content and services is managed via a confusing mix of VPN servers, Proxy servers, Shibboleth, library portals, etc.
– Inconsistent user experience across publisher platforms
– Cumbersome: multiple steps required (with hundreds of options offered at various points)
– Complex: pathways are not clear
– Not secure: hard to detect fraud, theft and leaks
6
![Page 7: PSP WOULD LIKE TO THANK THE FOLLOWING SPONSORS OF … · RA21 Myths – Demystified 22 1) IP authentication is inherently privacy persevering while federated authentication technologies](https://reader035.fdocuments.in/reader035/viewer/2022063018/5fdbd1b09aedb5165077075a/html5/thumbnails/7.jpg)
• VPN/Proxy Servers
Off-Campus Solutions
7
![Page 8: PSP WOULD LIKE TO THANK THE FOLLOWING SPONSORS OF … · RA21 Myths – Demystified 22 1) IP authentication is inherently privacy persevering while federated authentication technologies](https://reader035.fdocuments.in/reader035/viewer/2022063018/5fdbd1b09aedb5165077075a/html5/thumbnails/8.jpg)
• Device Pairing
• VPN/Proxy
Off-Campus Solutions
8
![Page 9: PSP WOULD LIKE TO THANK THE FOLLOWING SPONSORS OF … · RA21 Myths – Demystified 22 1) IP authentication is inherently privacy persevering while federated authentication technologies](https://reader035.fdocuments.in/reader035/viewer/2022063018/5fdbd1b09aedb5165077075a/html5/thumbnails/9.jpg)
• Device Pairing
• Google’s Campus-Activated Subscriber Access (CASA)
• VPN/Proxy
Off-Campus Solutions
9
![Page 10: PSP WOULD LIKE TO THANK THE FOLLOWING SPONSORS OF … · RA21 Myths – Demystified 22 1) IP authentication is inherently privacy persevering while federated authentication technologies](https://reader035.fdocuments.in/reader035/viewer/2022063018/5fdbd1b09aedb5165077075a/html5/thumbnails/10.jpg)
• Device Pairing
• CASA (Google)
• VPN/Proxy
Off-Campus Solutions
10
All Leverage Institutional IP Address Recognition
All Require User Setup In Advance
![Page 11: PSP WOULD LIKE TO THANK THE FOLLOWING SPONSORS OF … · RA21 Myths – Demystified 22 1) IP authentication is inherently privacy persevering while federated authentication technologies](https://reader035.fdocuments.in/reader035/viewer/2022063018/5fdbd1b09aedb5165077075a/html5/thumbnails/11.jpg)
RA21 User Experience
11
“You have to start with the customer experience and work your way back to technology.”— Steve Jobs
![Page 12: PSP WOULD LIKE TO THANK THE FOLLOWING SPONSORS OF … · RA21 Myths – Demystified 22 1) IP authentication is inherently privacy persevering while federated authentication technologies](https://reader035.fdocuments.in/reader035/viewer/2022063018/5fdbd1b09aedb5165077075a/html5/thumbnails/12.jpg)
RA21 User Experience
• RA21 seeks to follow the pattern emerging on consumer websites:
12
![Page 13: PSP WOULD LIKE TO THANK THE FOLLOWING SPONSORS OF … · RA21 Myths – Demystified 22 1) IP authentication is inherently privacy persevering while federated authentication technologies](https://reader035.fdocuments.in/reader035/viewer/2022063018/5fdbd1b09aedb5165077075a/html5/thumbnails/13.jpg)
13
Consumer Web – First Time User Experience
![Page 14: PSP WOULD LIKE TO THANK THE FOLLOWING SPONSORS OF … · RA21 Myths – Demystified 22 1) IP authentication is inherently privacy persevering while federated authentication technologies](https://reader035.fdocuments.in/reader035/viewer/2022063018/5fdbd1b09aedb5165077075a/html5/thumbnails/14.jpg)
14
Consumer Web – Subsequent Visits
![Page 15: PSP WOULD LIKE TO THANK THE FOLLOWING SPONSORS OF … · RA21 Myths – Demystified 22 1) IP authentication is inherently privacy persevering while federated authentication technologies](https://reader035.fdocuments.in/reader035/viewer/2022063018/5fdbd1b09aedb5165077075a/html5/thumbnails/15.jpg)
15
Consumer Web – Privacy Concerns??
Doodle now knows some highly personal information about me:
• my name• my picture,• my email address
![Page 16: PSP WOULD LIKE TO THANK THE FOLLOWING SPONSORS OF … · RA21 Myths – Demystified 22 1) IP authentication is inherently privacy persevering while federated authentication technologies](https://reader035.fdocuments.in/reader035/viewer/2022063018/5fdbd1b09aedb5165077075a/html5/thumbnails/16.jpg)
RA21 UX Development
• Seeks to implement the same ease of use as found in consumer web examples, while still preserving user privacy.
16
Typical Research Discovery Workflow On Campus
![Page 17: PSP WOULD LIKE TO THANK THE FOLLOWING SPONSORS OF … · RA21 Myths – Demystified 22 1) IP authentication is inherently privacy persevering while federated authentication technologies](https://reader035.fdocuments.in/reader035/viewer/2022063018/5fdbd1b09aedb5165077075a/html5/thumbnails/17.jpg)
RA21 UX Development
• Seeks to implement the same ease of use as found in consumer web examples, while still preserving user privacy.
17
Typical Research Discovery Workflow Off Campus
![Page 18: PSP WOULD LIKE TO THANK THE FOLLOWING SPONSORS OF … · RA21 Myths – Demystified 22 1) IP authentication is inherently privacy persevering while federated authentication technologies](https://reader035.fdocuments.in/reader035/viewer/2022063018/5fdbd1b09aedb5165077075a/html5/thumbnails/18.jpg)
RA21 UX Development
• Seeks to implement the same ease of use as found in consumer web examples, while still preserving user privacy.
18
Typical Research Discovery Workflow Off Campus
![Page 19: PSP WOULD LIKE TO THANK THE FOLLOWING SPONSORS OF … · RA21 Myths – Demystified 22 1) IP authentication is inherently privacy persevering while federated authentication technologies](https://reader035.fdocuments.in/reader035/viewer/2022063018/5fdbd1b09aedb5165077075a/html5/thumbnails/19.jpg)
19
![Page 20: PSP WOULD LIKE TO THANK THE FOLLOWING SPONSORS OF … · RA21 Myths – Demystified 22 1) IP authentication is inherently privacy persevering while federated authentication technologies](https://reader035.fdocuments.in/reader035/viewer/2022063018/5fdbd1b09aedb5165077075a/html5/thumbnails/20.jpg)
Preserving Privacy
20
User: 12345Role: Student
User: 56789Role: Student
User: 55555Role: Student
Publishers receive attributes about the user, not the user’s identity.
Reporting: ChemStudent
Reporting: ChemStudent
Reporting: ChemStudent
![Page 21: PSP WOULD LIKE TO THANK THE FOLLOWING SPONSORS OF … · RA21 Myths – Demystified 22 1) IP authentication is inherently privacy persevering while federated authentication technologies](https://reader035.fdocuments.in/reader035/viewer/2022063018/5fdbd1b09aedb5165077075a/html5/thumbnails/21.jpg)
RA21 Misperceptions
21
“I’m starting to see the end-game of the STM/NISO RA21: Resource Access for the 21st Century project. And, dear reader, I’m a little unsettled by it.”
“RA21 has scoped its problem the wrong way. Simply put: It’s not about security. It’s about identity.”
![Page 22: PSP WOULD LIKE TO THANK THE FOLLOWING SPONSORS OF … · RA21 Myths – Demystified 22 1) IP authentication is inherently privacy persevering while federated authentication technologies](https://reader035.fdocuments.in/reader035/viewer/2022063018/5fdbd1b09aedb5165077075a/html5/thumbnails/22.jpg)
RA21 Myths – Demystified
22
1) IP authentication is inherently privacy persevering while federated authentication technologies are not• Busted: Federated authentication can be privacy preserving, while some privacy
regulations (e.g. GDPR) consider IP addresses as personally identifiable information.2) Proxy servers work just fine as a solution for off-campus access
• Busted: Proxy servers force individuals to start their research journey on an institutional portal rather than directly from their tool of choice (e.g. Google, PubMed).
3) RA21 just wants to enable publishers to track users across each other’s platforms• Busted: Cross-site tracking technology is decades old. The fact that publishers haven’t
pursued this indicates there is limited, if any, commercial motivation to do so.4) RA21 creates yet another username and password
• Busted: RA21 leverages a user’s existing institutional credentials and does not require the creation of publisher-specific usernames and passwords.
![Page 23: PSP WOULD LIKE TO THANK THE FOLLOWING SPONSORS OF … · RA21 Myths – Demystified 22 1) IP authentication is inherently privacy persevering while federated authentication technologies](https://reader035.fdocuments.in/reader035/viewer/2022063018/5fdbd1b09aedb5165077075a/html5/thumbnails/23.jpg)
RA21 Myths – Demystified (continued)
23
5) RA21 is placing control of users’ identity in the hands of institutions and not the individuals themselves• Plausible: RA21 seeks to validate that a user is a member of an institution's authorized
user community. Doing so does not require that an institution reveal the identity of the user. However, it is possible that some campus/corporate identity systems may be configured to convey personal information to some service providers.
6) RA21 seeks to eliminate IP-based access• Confirmed: RA21 believes that federated authentication provides many advantages
over IP-based access. The obvious starting point for RA21 is to improve a user’s experience while away from the campus/corporate network. We hypothesize that it will eventually become second nature for users to use their institutional credentials to access scholarly resources regardless of location.
![Page 24: PSP WOULD LIKE TO THANK THE FOLLOWING SPONSORS OF … · RA21 Myths – Demystified 22 1) IP authentication is inherently privacy persevering while federated authentication technologies](https://reader035.fdocuments.in/reader035/viewer/2022063018/5fdbd1b09aedb5165077075a/html5/thumbnails/24.jpg)
Takeways: RA21 vs. IP-based Solutions
24
1) No prior setup required (e.g. to configure a proxy/vpn server, pair a device, etc.). No disruption to the research discovery workflow.
2) Ability for publishers to offer differentiated user experience or differentiated services based upon user attributes (not identity).
3) Ability to block a single user account instead of an IP address, and offer more targeted information to campus security to investigate potentially compromised credentials.
4) Ability to offer more granular usage reporting back to subscribers.
![Page 25: PSP WOULD LIKE TO THANK THE FOLLOWING SPONSORS OF … · RA21 Myths – Demystified 22 1) IP authentication is inherently privacy persevering while federated authentication technologies](https://reader035.fdocuments.in/reader035/viewer/2022063018/5fdbd1b09aedb5165077075a/html5/thumbnails/25.jpg)
RA21 Roadmap 2018 and onwards
25
Q1 2018
Early outputs
Position papers
Q1-Q2 2018
Mid-term outputs
Task Forces: UX; Security / privacy
Pilots: Options for discovery; technology
platforms
Q2/ Q3 2018
Final Recommendations and open consultation
(via NISO process)
Q4 2018 and onwards
Long Term outputs
Creation of and involvement in
Operational User Communities
Throughout RA21 and onwards
Ongoing outreach engagement across key stakeholder communities
Beyond 2018:
STM hands over the lead of the project to
NISO for adoption and implementation by all
stakeholders
![Page 26: PSP WOULD LIKE TO THANK THE FOLLOWING SPONSORS OF … · RA21 Myths – Demystified 22 1) IP authentication is inherently privacy persevering while federated authentication technologies](https://reader035.fdocuments.in/reader035/viewer/2022063018/5fdbd1b09aedb5165077075a/html5/thumbnails/26.jpg)
Outreach ActivitiesCNI - December 2016, April 2017
STM - December 2016, July 2017, December 2017
SSP - May 2017
JISC - July 2017
AGLIN Forum - August 2017
SURF - September 2017 Utrecht
Internet2 - October 2017 San Francisco
Charleston Conference - November 10, 2017
UKSG - November 16, 2017
CCC - hosted webinar November 16, 2017
RA21 in the News
Myth Busting: Five Commonly Held Misconceptions About RA21 (and One Rumor Confirmed)
https://scholarlykitchen.sspnet.org/2018/02/07/myth-busting-five-commonly-held-misconceptions-ra21/
UKSG Insight – Opinion Pieces: “Easy access to the version of record (VoR) could help combat piracy: views from a publishing technologist” Author: Tasha Mellins-Cohen. 10 July 2017.
Society for Scholarly Publishing – Scholarly Kitchen: “Failure to Deliver: Reaching Users in an Increasingly Mobile World” Author: Todd Carpenter. 15 June 2017.
Library Learning Space: “RA21 and libraries” 16 May 2017.
Index Data: “RA21 Project aims to ease remote access to licensed content” Author: Peter Murray. 19 December 2016.
ALA Midwinter - January 20-24, 2018 Denver
PSP - February 7-9, 2018 DC
ER&L – March 6-8, 2018 Austin
MLA Insights – March 6, 2018 Chicago
ACS – March 18-22, 2018 New Orleans
STM – April 24-26, 2018 Philadelphia
MLA - May 18-23, 2018, Atlanta
SLA – June 9-13, 2018 Baltimore
![Page 27: PSP WOULD LIKE TO THANK THE FOLLOWING SPONSORS OF … · RA21 Myths – Demystified 22 1) IP authentication is inherently privacy persevering while federated authentication technologies](https://reader035.fdocuments.in/reader035/viewer/2022063018/5fdbd1b09aedb5165077075a/html5/thumbnails/27.jpg)
Questions?
Visit: https://www.RA21.org
Contact:
27
Ann Gabriel [email protected] Youngen [email protected]
Julia Wallace•Program Director•[email protected]
Heather Flanagan•Pilot Coordinator•[email protected]